Enabling ownership-based access control on a hosted feature service

For feature services you publish from ArcMap to My Hosted Services, you can control who can edit features and what edits each person can perform by enabling ownership-based access control on the service.

Ownership-based access control allows you to specify which edit operations can be performed on specific features and who can perform the edits. For example, you can set up the service so only the person who adds the feature can update or delete it, and all other people connecting to the service only can query the feature.

You must enable editor tracking on the feature class before you publish to My Hosted Services. Then you can set ownership-based access rules on the feature service as described in the following sections:

Prepare the data for publishing to My Hosted Services

The feature class you publish to My Hosted Services must contain fields to store the creator name, editor name, creation date, and date the feature was last edited, and have editor tracking enabled before you publish.

Steps:
  1. Start ArcMap and open the Catalog window.
  2. Connect to the geodatabase or database that contains the feature class you want to publish.

    You must connect as the owner of the feature class.

  3. If the feature class already contains fields for storing the creator's name, date a feature was created, editor's name, and date the feature was last edited, use the feature class Properties dialog box to enable editor tracking.
    1. Right-click the feature class and click Properties.
    2. Click the Editor Tracking tab.
    3. Click Enable editor tracking.
    4. Use the drop-down lists to specify which fields to use to record editor information.
    5. Choose to record dates in UTC.
    6. Click OK to close the Properties dialog box and apply your changes.
  4. If the feature class does not contain fields for storing creator and editor names and dates, use the Enable Editor Tracking geoprocessing tool to enable editor tracking.
    1. Open the Enable Editor Tracking tool.
    2. Specify the feature class for which you want to enable editor tracking in the Input Dataset field.
    3. Check the box next to Add fields if they don't exist.
    4. Type names for the fields that will record the name of the user who adds features, the date the feature was added, the name of the user who last edited the feature, and the date the feature was last edited in the Creator Field, Creation Date Field, Last Editor Field, and Last Edit Date Field text boxes, respectively.
    5. Choose to record dates in UTC.
    6. Click OK to run the tool.

Publish the feature class to My Hosted Services

Follow the instructions in Publishing a hosted feature service using an ArcMap document to publish the feature class to My Hosted Services.

Enable ownership-based access control on the service

Sign in to ArcGIS Server Manager, stop the feature service, and enable ownership-based access control on the feature service.

Steps:
  1. Sign in to ArcGIS Server Manager as the portal administrator or the owner of the hosted feature service.
  2. Open the Hosted folder and stop the hosted feature service by clicking the StopStop button.
  3. Double-click the hosted service to open the service properties.
  4. Click Capabilities.
  5. Choose Feature Access from the list of capabilities.
  6. In the Properties section, check Enable ownership-based access control on features.
  7. Under Operations allowed on features created by other users, check which edit operations you want people to have on features they did not create.

    For example:

    • If you uncheck Query, the person logged in to the service will only see features he or she creates.
    • If Query is checked, but Update and Delete are unchecked, features are read-only for anyone but the creator of the feature.
    • If Query and Update are checked, but Delete is unchecked, features can be queried or altered by nonowners but cannot be deleted.

  8. Save the changes you made to the service properties.

Start the service

Once editor tracking and ownership-based access control are enabled, restart the hosted feature service.

Steps:
  1. Click the Hosted link to go back to the list of hosted services.
  2. Click the Start Start button next to the hosted feature service to restart it.

People connecting to your hosted feature service can now only perform those edit operations you have allowed, and all edits made through the feature service will record the user name of the connecting user and the time the edit was made.

3/24/2014